Authorities in Florida and Alaska on Tuesday were investigating threatening emails sent to Democratic voters that claimed to be from the Proud Boys, a far-right group supportive of President Trump, but appeared instead to be a deceptive campaign making use of a vulnerability in the organization’s online network.
The emails, which appeared to target Democrats using data from digital databases known as “voter files,” told recipients the group was “in possession of all your information” and instructed voters to change their party registration and cast their ballots for Trump.
“You will vote for Trump on Election Day or we will come after you,” the emails warned.
Enrique Tarrio, the chairman of the Proud Boys and the Florida state director of Latinos for Trump, denied involvement, saying the group operates two sites, and was increasingly migrating away from the domain used in the email campaign….
The domain, officialproudboys.com, was recently dropped by a hosting company that uses Google Cloud services, according to Google Cloud spokesman Ted Ladd. The hosting service cancelled the registration after Google Cloud notified the customer that a non-profit group had raised concerns about the Proud Boys, Ladd said.
Following the action from the hosting service, the domain appears to have been left unsecured, allowing anyone on the Internet to take control of it and use it to send out the menacing messages, said Trevor Davis, CEO of Counteraction, a Washington-based digital intelligence firm.
The lapse, which began on Oct. 8, “likely made them vulnerable to this kind of hijacking,” Davis said. “Bad actors are constantly scanning the Internet for opportunities. Given the public profile of the Proud Boys and the likelihood that whoever’s sending these emails has access to a voter file, this appears to be opportunism.”